exploitDog

CVE-2019-7712

Опубликовано: 26 мар. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf() without a proper check. An attacker may thus forge a path containing format string modifiers to get a custom format string evaluated. This results in an information leak of memory addresses.

Ссылки

https://github.com/bl4ckic3/GHS-Bugs
Third Party Advisory
https://www.ghs.com/products/rtos/integrity.html
Vendor Advisory
https://github.com/bl4ckic3/GHS-Bugs
Third Party Advisory
https://www.ghs.com/products/rtos/integrity.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:ghs:integrity_rtos:5.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00322

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-134

Связанные уязвимости

GHSA-gv5c-55x7-xjxx

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf() without a proper check. An attacker may thus forge a path containing format string modifiers to get a custom format string evaluated. This results in an information leak of memory addresses.

EPSS

Процентиль: 55%

0.00322

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-134